[Evolution] Bug#765838: marked as done (Evolution is not able to use TLSv1 or higher (only SSLv3))

[Debian Bug Tracking System]

Your message dated Mon, 03 Nov 2014 12:17:08 +0000
with message-id <e1xlgzi-0004ji...@franck.debian.org>
and subject line Bug#765838: fixed in evolution-data-server 3.4.4-3+deb7u1
has caused the Debian Bug report #765838,
regarding Evolution is not able to use TLSv1 or higher (only SSLv3)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
765838: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765838
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: evolution-data-server
Version: 3.4.4-3
Severity: critical


Issue
-----

Evolution is not able to use TLSv1 or higher (only SSLv3) when
configuring IMAP account with SSL on port 993.

On server side, when SSLv3 is disabled in Dovecot configuration,
Evolution client can't connect:
TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher

See https://bugzilla.redhat.com/show_bug.cgi?id=1153052 for more
details.

Many service provider disable SSLv3 on their server due to security hole
of SSLv3 (CVE-2014-3566 - Poodle vulnerability).


Where is the bug ?
------------------

>From evolution-data-server-3.4.4/camel/camel-network-service.c
---
        switch (method) {
                case CAMEL_NETWORK_SECURITY_METHOD_NONE:
                        stream = camel_tcp_stream_raw_new ();
                        break;

                case
CAMEL_NETWORK_SECURITY_METHOD_STARTTLS_ON_STANDARD_PORT:
                        stream = camel_tcp_stream_ssl_new_raw (
                                session, host,
                                CAMEL_TCP_STREAM_SSL_ENABLE_TLS);
                        break;

                case
CAMEL_NETWORK_SECURITY_METHOD_SSL_ON_ALTERNATE_PORT:
                        stream = camel_tcp_stream_ssl_new (
                                session, host,
                                CAMEL_TCP_STREAM_SSL_ENABLE_SSL2 |
                                CAMEL_TCP_STREAM_SSL_ENABLE_SSL3);
                        break;

                default:
                        g_return_val_if_reached (NULL);
        }

---
CAMEL_TCP_STREAM_SSL_ENABLE_TLS is missing after
CAMEL_TCP_STREAM_SSL_ENABLE_SSL3 for allow the use of TLS.


How fix the issue ?
-------------------

Apply patch in Redhat bugreport:
https://bugzilla.redhat.com/attachment.cgi?id=947480&action=diff



-- 
Nicolas DEFFAYET

--- End Message ---

--- Begin Message ---

Source: evolution-data-server
Source-Version: 3.4.4-3+deb7u1

We believe that the bug you reported is fixed in the latest version of
evolution-data-server, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 765...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Iain Lane <la...@debian.org> (supplier of updated evolution-data-server package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 02 Nov 2014 18:54:05 +0000
Source: evolution-data-server
Binary: evolution-data-server evolution-data-server-common 
evolution-data-server-dev evolution-data-server-dbg evolution-data-server-doc 
libedataserver-1.2-16 libedataserver1.2-dev gir1.2-edataserver-1.2 
libcamel-1.2-33 libcamel1.2-dev libebook-1.2-13 libebook1.2-dev 
gir1.2-ebook-1.2 libedataserverui-3.0-1 libedataserverui-3.0-dev 
libedata-book-1.2-13 libedata-book1.2-dev libecal-1.2-11 libecal1.2-dev 
gir1.2-ecalendar-1.2 libedata-cal-1.2-15 libedata-cal1.2-dev libebackend-1.2-2 
libebackend1.2-dev
Architecture: all amd64 source
Version: 3.4.4-3+deb7u1
Distribution: stable
Urgency: medium
Maintainer: Debian Evolution Maintainers 
<pkg-evolution-maintainers@lists.alioth.debian.org>
Changed-By: Iain Lane <la...@debian.org>
Closes: 765838
Description: 
 evolution-data-server-common - architecture independent files for Evolution 
Data Server
 evolution-data-server-dbg - evolution database backend server with debugging 
symbols
 evolution-data-server-dev - Development files for evolution-data-server 
(metapackage)
 evolution-data-server-doc - Documentation files for the Evolution Data Server 
libraries
 evolution-data-server - evolution database backend server
 gir1.2-ebook-1.2 - GObject introspection for the EBook library
 gir1.2-ecalendar-1.2 - GObject introspection for the ECalendar library
 gir1.2-edataserver-1.2 - GObject introspection for the EDataServer library
 libcamel-1.2-33 - Evolution MIME message handling library
 libcamel1.2-dev - Development files for libcamel
 libebackend-1.2-2 - Utility library for evolution data servers
 libebackend1.2-dev - Utility library for evolution data servers (development 
files)
 libebook-1.2-13 - Client library for evolution address books
 libebook1.2-dev - Client library for evolution address books (development 
files)
 libecal-1.2-11 - Client library for evolution calendars
 libecal1.2-dev - Client library for evolution calendars (development files)
 libedata-book-1.2-13 - Backend library for evolution address books
 libedata-book1.2-dev - Backend library for evolution address books 
(development files)
 libedata-cal-1.2-15 - Backend library for evolution calendars
 libedata-cal1.2-dev - Backend library for evolution calendars (development 
files)
 libedataserver-1.2-16 - Utility library for evolution data servers
 libedataserver1.2-dev - Utility library for evolution data servers 
(development files)
 libedataserverui-3.0-1 - GUI utility library for evolution data servers
 libedataserverui-3.0-dev - GUI utility library for evolution data servers 
(development files
Changes: 
 evolution-data-server (3.4.4-3+deb7u1) stable; urgency=medium
 .
   * 
debian/patches/evolution-data-server-3.10.4-poodle-enable-tls-for-ssl.patch:
     Enable all SSL/TLS versions supported by NSS (Closes: #765838)
Checksums-Sha1: 
 37dd0b6ef07d28387a2a42df7d4be8a663dd62e5 1358610 
evolution-data-server-common_3.4.4-3+deb7u1_all.deb
 744d6df2babe2a4b80b86249b0c5e5b578043bf2 859874 
evolution-data-server-doc_3.4.4-3+deb7u1_all.deb
 a17d93b8f113a89952351c87d16c4fa05bd5485e 805226 
evolution-data-server_3.4.4-3+deb7u1_amd64.deb
 f09ca69114ce17638f1024980be13e5b4a5f2658 412218 
evolution-data-server-dev_3.4.4-3+deb7u1_amd64.deb
 fd12d763e795261e6bc7039da1d9fddb227cc63a 5331120 
evolution-data-server-dbg_3.4.4-3+deb7u1_amd64.deb
 33307ce0cc63092b685394f19f5208e1e3484525 504084 
libedataserver-1.2-16_3.4.4-3+deb7u1_amd64.deb
 dbca41dd437e0bf1b5ef13328e62bb96aba1259b 457482 
libedataserver1.2-dev_3.4.4-3+deb7u1_amd64.deb
 d9cc7d1d494022ee1bd326b92a47b71d8cdd7e28 424252 
gir1.2-edataserver-1.2_3.4.4-3+deb7u1_amd64.deb
 6768b68e9a34d33e23a4f68b0b5a6b8661915708 776746 
libcamel-1.2-33_3.4.4-3+deb7u1_amd64.deb
 84ca8d038c9d565d63095a15b5d60c3e95f9b92c 472176 
libcamel1.2-dev_3.4.4-3+deb7u1_amd64.deb
 76825a6e9c43485234f33259588e3339c0cc096f 500698 
libebook-1.2-13_3.4.4-3+deb7u1_amd64.deb
 8122c08d92d863024cbc36493d562f3ee91c6681 446894 
libebook1.2-dev_3.4.4-3+deb7u1_amd64.deb
 40f289b62d2c9ef7a271954a110c443575ffd9b4 423472 
gir1.2-ebook-1.2_3.4.4-3+deb7u1_amd64.deb
 791253141817c1fe008b0aef6844a2b94333501f 499194 
libedataserverui-3.0-1_3.4.4-3+deb7u1_amd64.deb
 5510d00d45e750b2f6c673293a4a07a3c6ce0461 419952 
libedataserverui-3.0-dev_3.4.4-3+deb7u1_amd64.deb
 cf233fdf2e7af8b350d9ebef560a27f891f9335c 473020 
libedata-book-1.2-13_3.4.4-3+deb7u1_amd64.deb
 75faa83696d14b2b900d4539489e443a058539e0 419402 
libedata-book1.2-dev_3.4.4-3+deb7u1_amd64.deb
 df79dab2895dfbc7b67dea0e122e28095e964c8c 528280 
libecal-1.2-11_3.4.4-3+deb7u1_amd64.deb
 ae21afecbbfc9eab83c7ecbe6e4fbb675e4a15f0 449380 
libecal1.2-dev_3.4.4-3+deb7u1_amd64.deb
 4f1e5d041635320ca776c15018042ad104e7aa99 419632 
gir1.2-ecalendar-1.2_3.4.4-3+deb7u1_amd64.deb
 96e0d48d82ac08ccef27f143a2d29c58f2ee9cc6 489420 
libedata-cal-1.2-15_3.4.4-3+deb7u1_amd64.deb
 62e12f253f3047089f63351f92ed90e7e342348c 420142 
libedata-cal1.2-dev_3.4.4-3+deb7u1_amd64.deb
 094b6354c4cf19d86b150ec0f647b242c9e67c6d 429644 
libebackend-1.2-2_3.4.4-3+deb7u1_amd64.deb
 1e98101fbd0152c6959aff674f98e19e6ee36c4f 416288 
libebackend1.2-dev_3.4.4-3+deb7u1_amd64.deb
 1b0dc9ae63422a2fce4e15d5997f0e64540e653d 4927 
evolution-data-server_3.4.4-3+deb7u1.dsc
 c7625aeb05c105c52e1e8e02a1fe8a6a9c992685 24128 
evolution-data-server_3.4.4-3+deb7u1.debian.tar.xz
Checksums-Sha256: 
 2ea271caa1b74edc4bb1b2fbe907efd979f50f368941016f948e5e99e5d4617c 1358610 
evolution-data-server-common_3.4.4-3+deb7u1_all.deb
 feb04bbd1afce2145f1f65f3d7c38df4a35a9761df2b3499b13391f3c9cb810a 859874 
evolution-data-server-doc_3.4.4-3+deb7u1_all.deb
 0d9e2e00007b0700a962efe05cff114209285c1cc9232c1e1c9c41a5419030b4 805226 
evolution-data-server_3.4.4-3+deb7u1_amd64.deb
 536256c6c68615ac383b7ddfc1fcf1a00e61e22ebdca3c1052ecc84bf330fa3d 412218 
evolution-data-server-dev_3.4.4-3+deb7u1_amd64.deb
 6a2df1bb3cca669cd1d82f68f69bc73e1096406cb3b16dc97a08c1cbb3d8cc50 5331120 
evolution-data-server-dbg_3.4.4-3+deb7u1_amd64.deb
 56e1072dd1c34846c430e8181850bd96ca9a6cf7f8f973883cfada20d6839a31 504084 
libedataserver-1.2-16_3.4.4-3+deb7u1_amd64.deb
 c1e3c58b4bc420385a3f809c54a83cbdf7af2aefb961946aa209f7ae579f89c5 457482 
libedataserver1.2-dev_3.4.4-3+deb7u1_amd64.deb
 913669c44ec9506d55f990b921283132bc68ffa483b515b677a536a04d42f9df 424252 
gir1.2-edataserver-1.2_3.4.4-3+deb7u1_amd64.deb
 54ad45aa3f478e47b29830436ddcf0fddd8e1101f5d7c808e145b7d37f47e1c3 776746 
libcamel-1.2-33_3.4.4-3+deb7u1_amd64.deb
 5de86b2194556dc55459fbbcfe0c71c27f555a9b79f44dd6fbb23e95150063f6 472176 
libcamel1.2-dev_3.4.4-3+deb7u1_amd64.deb
 97261805ed0de6aff91aa96d44a3363da037564cee6cbfd473709da6d5b4eabf 500698 
libebook-1.2-13_3.4.4-3+deb7u1_amd64.deb
 4741b5a2cf646f0ba48bc164e9a10c3c25d85a85c96fdef846d61c83f28724aa 446894 
libebook1.2-dev_3.4.4-3+deb7u1_amd64.deb
 77c1957817d39790666789f91dfa9aef606582f5e73c5297faade4cc0420728f 423472 
gir1.2-ebook-1.2_3.4.4-3+deb7u1_amd64.deb
 58853326a50ca579ce375dbd5dd771b2ea6209a75c30a47cdbb17492f0b2b9e2 499194 
libedataserverui-3.0-1_3.4.4-3+deb7u1_amd64.deb
 24a2651f51a9fcf28bbf1d83d6eeeb332c758785908f1d927b7554860dfda25b 419952 
libedataserverui-3.0-dev_3.4.4-3+deb7u1_amd64.deb
 e51046475fb79e1489fae8a969d4499833e895aef2994c27e8b40ae7ca600e88 473020 
libedata-book-1.2-13_3.4.4-3+deb7u1_amd64.deb
 8acc8d016d63c78cd4647dcbe7f8e906ec0a77c2487dc691ac98c8df02b2046d 419402 
libedata-book1.2-dev_3.4.4-3+deb7u1_amd64.deb
 2ff0f956f286e0eff3e482d64ab0c90d52e0d9f70fa472c164319c142fc59040 528280 
libecal-1.2-11_3.4.4-3+deb7u1_amd64.deb
 1d859d9f36df283258cb161e8602e6c0a47dc817a392dd873a0bb49004296c4b 449380 
libecal1.2-dev_3.4.4-3+deb7u1_amd64.deb
 9a37c15e85ebbde8208a3123e012de1a95e5551fcd749ea102719b9ee622b664 419632 
gir1.2-ecalendar-1.2_3.4.4-3+deb7u1_amd64.deb
 8a2323981bf59740f3a9a9342157a75497c8efc50527c7fbdf543f5dab151dad 489420 
libedata-cal-1.2-15_3.4.4-3+deb7u1_amd64.deb
 cab7251acff28d085f07ba177e2b049c5c019fee0927e5e2b7dd9aea95f0e2ea 420142 
libedata-cal1.2-dev_3.4.4-3+deb7u1_amd64.deb
 b188acedec7a0defe15469ad760030d9cece493d4b5910d6cfc2d4274170b090 429644 
libebackend-1.2-2_3.4.4-3+deb7u1_amd64.deb
 01c220fe7243bd153b829d81379b11be73a1f74709d3d7f3ad8ab51f00a36ae9 416288 
libebackend1.2-dev_3.4.4-3+deb7u1_amd64.deb
 0e022de86e05e3b7d4bcd5468f9428fd7a419326972000947fdda80c3cf67439 4927 
evolution-data-server_3.4.4-3+deb7u1.dsc
 0a957024f44c6332e8f5024bee80abb2eb76addf9af91ee023b7821d1d5ec564 24128 
evolution-data-server_3.4.4-3+deb7u1.debian.tar.xz
Files: 
 ea20dcf48c5cb1d97b7f7ee4bc42fc2b 1358610 gnome optional 
evolution-data-server-common_3.4.4-3+deb7u1_all.deb
 b009c70dfb1ed4c36dcae6bae73fbdef 859874 doc optional 
evolution-data-server-doc_3.4.4-3+deb7u1_all.deb
 e460bdec00ce48cff9585226c8741bb2 805226 gnome optional 
evolution-data-server_3.4.4-3+deb7u1_amd64.deb
 9d5ade2025a0736d6e096984973fb667 412218 devel optional 
evolution-data-server-dev_3.4.4-3+deb7u1_amd64.deb
 a4cca2622e1eb17aa321ae61c38a1fec 5331120 debug extra 
evolution-data-server-dbg_3.4.4-3+deb7u1_amd64.deb
 aad2500ff0c884a26056b2f8351066e3 504084 libs optional 
libedataserver-1.2-16_3.4.4-3+deb7u1_amd64.deb
 e5300846973e3a2eec18821bec15f669 457482 libdevel optional 
libedataserver1.2-dev_3.4.4-3+deb7u1_amd64.deb
 779322a6e15abcc661b740abf1d79cab 424252 introspection optional 
gir1.2-edataserver-1.2_3.4.4-3+deb7u1_amd64.deb
 8af117fc4df8a02bac84fc3f7579cf48 776746 libs optional 
libcamel-1.2-33_3.4.4-3+deb7u1_amd64.deb
 9f0189eb42c5e2788ba461d82e4f0cb9 472176 libdevel optional 
libcamel1.2-dev_3.4.4-3+deb7u1_amd64.deb
 057d900ff1d68d3cfee6de0a5f7b0e79 500698 libs optional 
libebook-1.2-13_3.4.4-3+deb7u1_amd64.deb
 1b86f0fc93e4ffe31897a611f4624a89 446894 libdevel optional 
libebook1.2-dev_3.4.4-3+deb7u1_amd64.deb
 1c62df6b3f7432910d9315f5c81d7b75 423472 introspection optional 
gir1.2-ebook-1.2_3.4.4-3+deb7u1_amd64.deb
 fe71f064de705b7384a1f850be3ee26b 499194 libs optional 
libedataserverui-3.0-1_3.4.4-3+deb7u1_amd64.deb
 6686ed16e3c4538861dd3dd0de736784 419952 libdevel optional 
libedataserverui-3.0-dev_3.4.4-3+deb7u1_amd64.deb
 75b63ded790d64b494bc72a929afa846 473020 libs optional 
libedata-book-1.2-13_3.4.4-3+deb7u1_amd64.deb
 a85ac464b261ff6fb7538312e0e6dbc2 419402 libdevel optional 
libedata-book1.2-dev_3.4.4-3+deb7u1_amd64.deb
 d8e149e407dbb23e317ee37321f35a0e 528280 libs optional 
libecal-1.2-11_3.4.4-3+deb7u1_amd64.deb
 b056148de79f0e00d2e24e133f4c4ce8 449380 libdevel optional 
libecal1.2-dev_3.4.4-3+deb7u1_amd64.deb
 57a31d66773888ac08dd95564d945d78 419632 introspection optional 
gir1.2-ecalendar-1.2_3.4.4-3+deb7u1_amd64.deb
 c2f09bfc094f87529c8d6db90dedf641 489420 libs optional 
libedata-cal-1.2-15_3.4.4-3+deb7u1_amd64.deb
 fd1276729940253a95f942f4ed9615f9 420142 libdevel optional 
libedata-cal1.2-dev_3.4.4-3+deb7u1_amd64.deb
 b16f990af93c5cd2e7ff6222e00cf391 429644 libs optional 
libebackend-1.2-2_3.4.4-3+deb7u1_amd64.deb
 be11512894f777c7e6062f6b0c19e6bb 416288 libdevel optional 
libebackend1.2-dev_3.4.4-3+deb7u1_amd64.deb
 3de1d0067da243611b59071b91a653da 4927 gnome optional 
evolution-data-server_3.4.4-3+deb7u1.dsc
 2d42183dd1595f8d8ce93381bbc6bcd7 24128 gnome optional 
evolution-data-server_3.4.4-3+deb7u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUVpa9AAoJEONS1cUcUEHUtnoP/j7BsZmSWV+WM/z7XjStpzMU
0czScJDFRNm8X2TToaqtSxHmzchdcN/emfJFDq/gBwMiBYKHtVH3pIV9vzNcKZpS
PUGoux0g6n5Rny408TkYx8VeVJzEHD2cX2ZTItUZZuNHh9Z0yr91TTo9k/NM/tvq
2iTCCcq0FRGvhOE2rqwJS8+6lhju+1akfxmK3XSyR0nH97vtFv2XpOQB/H3DOrOb
VfGetexzyN13iP5+rXZC1yvBTubX0eA1GZP/SYJtJChKBYzIXwR5RPKfgBXSpvaf
lLf3lQiv65vbqfmOkOUbb4oqfXaWEx1hxYBP6QfHn5wMiscm7aIG9KX/ZkTSAuN9
thdrsgZMuuJIW4YuPlyBHt5idA0hCK1zPsvupjmvwc9OBVm4GMC1ZR4gJFnB+ooY
rnw5T3cKvJBVqqcSBs3aiUflpSwtb3DuzSd9r/1XbRejv4MHZPHGscfz/YU4ae5G
BzxUSL9CXJKX8/xMpCvvzjm7vMnNvoVJQuEf1zO1nbM9isCRrBb9NXQYOQVPZaC0
+O2uhZEeu4tHhNO2Vvms6UmXlY6rjE75XMP0Qds7NimTdelDhxRQ6YLsqnvD3prs
5fgJWa4GWDafwgKdhxnpEqQKT+/tBeJ+p5vyKIekU4kO9v3HErv/JgsHuu4VAqIf
46E0fZrzdZVirGq4CdyI
=aL29
-----END PGP SIGNATURE-----

--- End Message ---

_______________________________________________
Pkg-evolution-maintainers mailing list
Pkg-evolution-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-evolution-maintainers